Decrypting user password in business rule or script

anand_tank
Giga Contributor

‎10-08-2014 09:32 AM

Hi All,

 

There is need to decrypt user password and need to send it from ServiceNow to ITIM (IBM Tivoli identity manager) in string format.

 

I am trying to decrypt password with below code but it is not working as expected.

 

var Encrypter = new GlideEncrypter();

//var Encrypter = new Packages.com.glide.util.Encrypter();

var psw = Encrypter.decrypt(current.u_password);

 

I don't see decrypt function is working properly. Code is returning encrypted password only.

 

Any idea what's wrong here.

 

Thanks,

-Anand

0 Helpfuls
  • 21,175 Views
7 REPLIES 7

Fabian Kunzke
Kilo Sage
Kilo Sage
In response to Ankit Bansal

‎01-10-2019 02:34 AM

Hey,

I am not the OP but i'll give this a try:
I guess you are using the GlideEncrypter API (thus the object error) within a scoped application. Check the scope of your script include/business rule as i am under the impression that it is in fact not global:

The GlideEncrypter class is used in server scripts in the global scope.

Try the same scriptlet in a global context.

Greetings

Fabian

0 Helpfuls

Abhishek Pidwa
Kilo Guru
In response to anand_tank

‎03-09-2019 07:28 PM

HI Anand,

 

Did you enhance your current functionality ? I mean sending passwords in plain text is a huge security flaw. I am doing a similar stuff but want to send encrypted password to .NET REST API and let  REST API handle the decryption but unable to achieve it till now.

 

Do you have any thoughts ?

 

Thanks.

0 Helpfuls

DrewW
Mega Sage
Mega Sage

‎09-06-2021 05:09 PM

Just posting an update since its been a long time and there is a new way to do this with a Password2 field.

Password2 encryption with KMF | ServiceNow Docs

 

0 Helpfuls